A Facebook bug let app developers see photographs users had uploaded, but never posted, the social network said.
For two weeks in September, an error in the way Facebook shares photographs with third parties meant that apps could see not only photos users had posted on their Newsfeed, but also pictures in other parts of the site — on Facebook Stories or Facebook’s Marketplace, for instance.
The bug also “impacted photos that people uploaded to Facebook, but chose not to post,” Facebook developer Tomer Bar said in a statement on Friday.
Importantly, the only applications that had access to the hidden photographs were those to which users had already granted access to all their public photos, through the company’s application programming interface, Bar said.
“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers,” Bar said.
Users affected are those who had given permission to third-party apps to access their photos through the Facebook log-in function. There is no evidence that the bug led to any large-scale extraction of photos from the site.
“We’re sorry this happened,” Bar added. “Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”
The error is comparatively minor given Facebook’s scale.
In September, almost five times as many accounts were affected by a data breach in which hackers accessed personal information, including name, relationship status, search activity and recent location check-ins.
“The vulnerability was the result of a complex interaction of three distinct software bugs and it impacted ‘view as,’ a feature that lets people see what their own profile looks like to someone else,” Facebook vice president of product management Guy Rosen said at the time.
“It allowed attackers to steal Facebook access tokens, which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app,” he added.